Conference ProceedingsOPEN ACCESS

Quadratic relation of S-box and its application to the linear attack of full round DES

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (1998) 1462 200-211
DOI: 10.1007/BFb0055729
27Citations
Citations of this article
38Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

In this paper, we derive 7 quadratic relations over GF(2) from the input and output bits of the S-boxes of DES. We apply one of those to an improved linear attack of full round DES. We describe an improved algorithm by combining the non-linear approximation method proposed by Knudsen and Robshaw, and the multiple approximation method proposed by Kaliski and Robshaw. This improvement can reduce the number of required plaintexts and ciphertexts pairs to 25/34 (73.5 %) of those number of pairs 243 required in the linear attack by Matsui.

Cite

CITATION STYLE

APA

Shimoyama, T., & Kaneko, T. (1998). Quadratic relation of S-box and its application to the linear attack of full round DES. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1462, pp. 200–211). Springer Verlag. https://doi.org/10.1007/BFb0055729

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free